BIG-IP i2800 got hacked due to default password
Hello devs!
I got to a BIG-IP today that had a public IPv4 directly attached to it. And the client enabled "allow-service default" on it. And obviously he forgot to change the default password and some bot-net got hold of it, and the box was owned.
I now... It's stupid and sad. I know...
I asked them to fully disconnect all its ports so the bot cannot go any further.
In my mind, the way to go would be a full disk erase and re-install from scratch, meaning:
A- Disk erase utility - https://support.f5.com/csp/article/K15521 B- Full re-install - https://support.f5.com/csp/article/K13117
I have two questions:
1- Would disk erase be necessary? Because I think the full re-install already wipes the entire disk? 2- Will I have issues with the license? Since this is a i2800, I think that the license won't change, right?
Thanks! Rafael